Re: [Cfrg] adopting Argon2 as a CFRG document
marshalko_gb@tc26.ru Fri, 29 January 2016 03:35 UTC
Return-Path: <marshalko_gb@tc26.ru>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8AC321B3819 for <cfrg@ietfa.amsl.com>; Thu, 28 Jan 2016 19:35:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.169
X-Spam-Level: **
X-Spam-Status: No, score=2.169 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_EQ_RU=0.595, HOST_EQ_RU=0.875, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ue0bP_KavEGF for <cfrg@ietfa.amsl.com>; Thu, 28 Jan 2016 19:34:59 -0800 (PST)
Received: from mail.tc26.ru (mail.tc26.ru [188.40.163.82]) by ietfa.amsl.com (Postfix) with ESMTP id C4C7B1B3818 for <Cfrg@irtf.org>; Thu, 28 Jan 2016 19:34:58 -0800 (PST)
Received: from f422.i.mail.ru (f422.i.mail.ru [185.5.136.93]) by mail.tc26.ru (Postfix) with ESMTPSA id 4CB52300460; Fri, 29 Jan 2016 06:34:34 +0300 (MSK)
DKIM-Filter: OpenDKIM Filter v2.10.3 mail.tc26.ru 4CB52300460
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tc26.ru; s=mx; t=1454038497; bh=B/0nNeBtn6dMJK/beZAHyKOirgCj5DZtc3v9trpJr1I=; h=From:To:Cc:Subject:Date:Reply-To:In-Reply-To:References:From; b=ykt1a37E/XKHfhSMP9kpGxh+1SuUZXafPAM/31RLQEGrc63wKLwS0Xf28e3qsST/F O8ZNFztxFr8C2zkoh40qSLbRt/MThv/tmz7LRi8f5yB4CesHGVOWSwj16CSbC4xrKV 4nUW/TpVKLpq/YJe25zoYXxOqOC9ctaveN0fpE50=
From: marshalko_gb@tc26.ru
To: Paul Grubbs <pag225@cornell.edu>
MIME-Version: 1.0
X-Mailer: Mail.Ru Mailer 1.0
X-Originating-IP: [91.77.92.200]
Date: Fri, 29 Jan 2016 06:34:32 +0300
X-Letter-Fingerprint: Drt5XACFXjQB3Zbj9YguCEVMlVqoOK3F
X-Priority: 3 (Normal)
Message-ID: <1454038472.581582287@f422.i.mail.ru>
Content-Type: multipart/alternative; boundary="--ALT--8b724f141454038472"
X-Mras: Ok
X-Spam: undefined
In-Reply-To: <CAKDPBw8VGQo3WJV2hSe3tM3Tzm+Xp6OE7hds-BK5Vcv9ai1S3g@mail.gmail.com>
References: <D2C82E57.60B44%kenny.paterson@rhul.ac.uk> <9f49e240b03d7b6156b0ed08912ef520@mail.tc26.ru> <CAKDPBw8VGQo3WJV2hSe3tM3Tzm+Xp6OE7hds-BK5Vcv9ai1S3g@mail.gmail.com>
X-KLMS-Rule-ID: 1
X-KLMS-Message-Action: clean
X-KLMS-AntiSpam-Lua-Profiles: 90380 [Jan 29 2016]
X-KLMS-AntiSpam-Version: 5.5.6
X-KLMS-AntiSpam-Envelope-From: marshalko_gb@tc26.ru
X-KLMS-AntiSpam-Rate: 15
X-KLMS-AntiSpam-Status: not_detected
X-KLMS-AntiSpam-Method: none
X-KLMS-AntiSpam-Moebius-Timestamps: 3937077, 3937099, 3936459
X-KLMS-AntiSpam-Info: LuaCore: 407 407 95088b6730bc8abe9b35391686e3291f9b43d2f2, Auth:dmarc=fail header.from=tc26.ru policy=reject; spf=fail smtp.mailfrom=tc26.ru; dkim=none, dmarc_local_policy_1
X-KLMS-AntiSpam-Interceptor-Info: scan successful
X-KLMS-AntiPhishing: Clean, 2016/01/26 12:51:30
X-KLMS-AntiVirus: Kaspersky Security 8.0 for Linux Mail Server, version 8.0.1.721, bases: 2016/01/28 22:12:00 #6884698
X-KLMS-AntiVirus-Status: Clean, skipped
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/0bmeo-WV6tsS4FvwaJY8IGxUiNQ>
Cc: "cfrg@irtf.org" <Cfrg@irtf.org>
Subject: Re: [Cfrg] adopting Argon2 as a CFRG document
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: marshalko_gb@tc26.ru
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Jan 2016 03:35:02 -0000
I believe that we would see a sort of response to this challenge from argon suthors soon. It is quite natural to adjust security proofs yo the new techniques Cheers, Grigory -- Отправлено из Mail.Ru для Android пятница, 29 января 2016г., 00:53 +0300 от Paul Grubbs < pag225@cornell.edu> : >Would it be out of the question to ask the authors of Argon2 (or anybody, really) to do a more formal analysis of its space-hardness? It would be nice to have a proof (e.g. based on pebbling arguments) of some kind of time-space tradeoff for Argon2. > >On Thu, Jan 28, 2016 at 3:39 PM, Grigory Marshalko < marshalko_gb@tc26.ru > wrote: >>Indeed, the PHC competition has significantly contributed to the design and analysis of password-hashing schemes. It's a nice mixture of crypto and engineering. So it would be desirable to wait until we understand the limits of attacks and corresponding countermeasures. >>The article on baloon hashing is a significant step forward for understanding these issues. >> >>Regards, >>Grigory Marshalko, >>expert, >>Technical committee for standardisation "Cryptography and security mechanisms" (ТC 26) >>www.tc26.ru >>22 января 2016 г., 22:31, "Paterson, Kenny" < Kenny.Paterson@rhul.ac.uk > написал: >>> Mike, >>> >>> Thanks. The authors of the Argon2 design may in due course tweak their >>> design to avoid the identified problems, or argue that they are not >>> sufficiently worrisome to warrant a change to the design. >>> >>> We definitely need to factor this in to our deliberations, and we will >>> take the time to do so. Let's see how it plays out... >>> >>> Regards >>> >>> Kenny >>> >>> On 22/01/2016 19:20, "Mike Hamburg" < mike@shiftleft.org > wrote: >>> >>>> We might want to hold off on Argon2 — at least on finalizing it — until >>>> the team has >>>> responded to (and hopefully mitigated) the issues mentioned at >>>> https://eprint.iacr.org/2016/027 . Essentially the problem is that Argon2 >>>> can be computed >>>> in less space than advertised. The team said that they are planning a >>>> response, cf >>>> http://permalink.gmane.org/gmane.comp.security.phc/3606 >>>> >>>> Cheers, >>>> — Mike >>>> >>>> On Jan 22, 2016, at 11:10 AM, Paterson, Kenny < Kenny.Paterson@rhul.ac.uk > >>>> wrote: >>>> >>>> Dear CFRG, >>>> >>>> Having received limited feedback either way from the group (specifically, >>>> one voice in favour), the CFRG chairs have decided to adopt >>>> https://tools.ietf.org/html/draft-josefsson-argon2-00 as a CFRG document. >>>> >>>> If you have objections or concerns, please reply to this email or directly >>>> to CFRG chairs. >>>> >>>> Sincerely, >>>> >>>> Kenny Paterson (for the chairs) >>>> >>>> On 06/11/2015 11:47, "Paterson, Kenny" < Kenny.Paterson@rhul.ac.uk > wrote: >>>> >>>> Hi Stephen, >>>> >>>> Yes, the chairs are amenable to this. We've been keeping an eye on the >>>> password hashing competition and were planning a work item in this area. >>>> >>>> Any comments from the group, either supporting or objecting to us adopting >>>> this draft in the RG? >>>> >>>> Cheers, >>>> >>>> Kenny >>>> >>>> (for the chairs) >>>> >>>> On 06/11/2015 02:18, "Cfrg on behalf of Stephen Farrell" >>>> < cfrg-bounces@irtf.org on behalf of >>>> stephen.farrell@cs.tcd.ie > wrote: >>>> >>>> The password hashing competition has a winner and some folks >>>> in the openpgp wg are interested in using that winner. I guess >>>> this might be better processed via cfrg if folks are amenable >>>> to that. >>>> >>>> Thanks, >>>> S. >>>> >>>> _______________________________________________ >>>> Cfrg mailing list >>>> Cfrg@irtf.org >>>> https://www.irtf.org/mailman/listinfo/cfrg >>> >>> _______________________________________________ >>> Cfrg mailing list >>> Cfrg@irtf.org >>> https://www.irtf.org/mailman/listinfo/cfrg >> >>_______________________________________________ >>Cfrg mailing list >>Cfrg@irtf.org >>https://www.irtf.org/mailman/listinfo/cfrg >
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Paterson, Kenny
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Dmitry Khovratovich
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Dmitry Khovratovich
- Re: [Cfrg] adopting Argon2 as a CFRG document Paterson, Kenny
- Re: [Cfrg] adopting Argon2 as a CFRG document Mike Hamburg
- Re: [Cfrg] adopting Argon2 as a CFRG document Paterson, Kenny
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Grigory Marshalko
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Paul Grubbs
- Re: [Cfrg] adopting Argon2 as a CFRG document Mike Hamburg
- Re: [Cfrg] adopting Argon2 as a CFRG document marshalko_gb
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Paterson, Kenny
- [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFRG do… Dmitry Khovratovich
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Dmitry Khovratovich
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Joel Alwen
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Jean-Philippe Aumasson
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Joel Alwen
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Jean-Philippe Aumasson
- Re: [Cfrg] adopting Argon2 as a CFRG document Jeremiah Blocki
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Stefano Tessaro